8 Modular QoS CLI Classification Overview This chapter focuses on the classification element of the modular QoS command- line interface. It includes the following topics: n Introduction to Modular QoS CLI n Classification Options n Network Based Application Recognition (NBAR) Objectives Upon completion of this module, you will be able to perform the following tasks: n Describe the classification element of the Modular QoS CLI n Describe and configure all currently supported classification options within the MQC n Understand Network-based Application Recognition (NBAR) n Monitor and troubleshoot class maps 8-2 IP QoS—Modular QoS CLI Classification Copyright  2001, Cisco Systems, Inc. Introduction to Modular QoS CLI Objectives Upon completion of this lesson, you will be able to perform the following tasks: n Describe the MQC concepts and structure n Configure class maps n Monitor and troubleshoot class maps Copyright  2001, Cisco Systems, Inc. IP QoS—Modular QoS CLI Classification 8-3 © 2001, Cisco Systems, Inc. IP QoS - Modular QoS CLI Classification -5 Modular QoS CLI Modular QoS CLI • The Modular QoS CLI (MQC) provides a modular approach to configuration of QoS mechanisms • Classification is configured separately from the QoS service policy • MQC also provides modularity to implementation of QoS mechanisms in the Cisco IOS: – New QoS mechanisms can reuse old classification options – New QoS classification options can also be used by older QoS mechanisms The Quality of Service mechanisms that have been added to the Cisco IOS all had their own set of classification options. For example: n Committed Access Rate (CAR) can classify packets by using: – Access lists – QoS group – DSCP – Rate limit access list n Traffic Shaping (GTS) can classify packets by using access lists n Priority Queuing (PQ) and Custom Queuing (CQ) can classify packets by using: – Access lists – Packets size – Fragment – TCP or UDP port number The Modular Quality of Service Command Line Interface (MQC) was introduced to allow any supported classification to be used with any QoS mechanism. The separation of classification from the QoS mechanism allows new IOS versions to introduce new QoS mechanisms and reuse all available classification options. On the other hand, old QoS mechanisms can benefit from new classification options. Another important benefit of the MQC is the reusability of configuration. MQC allows the same QoS policy to be applied to multiple interfaces. CAR, for example, 8-4 IP QoS—Modular QoS CLI Classification Copyright  2001, Cisco Systems, Inc. required entire configurations to be copy-pasted between interfaces and modifying configurations was tiresome. The Modular QoS CLI, therefore, is a consolidation of all the QoS mechanisms that have so far only been available as standalone mechanisms. This module focuses on the classification element of the Modular QoS CLI. Copyright  2001, Cisco Systems, Inc. IP QoS—Modular QoS CLI Classification 8-5 © 2001, Cisco Systems, Inc. IP QoS - Modular QoS CLI Classification -6 Separation of Classification Separation of Classification Classification Traffic Policy Class 1? Class 2? Class N? CB-WFQ CB-LLQ CB-Policing packet Interface or Forwarding Implementing QoS by using the MQC consists of three steps: Step 1 Configuring classification by using the class-map command Step 2 Configuring traffic policy by associating the traffic class with one or more QOS features using the policy-map command Step 3 Attaching the traffic policy to inbound or outbound traffic on interfaces, subinterfaces or virtual circuits by using the service-policy command Class maps are used to create classification templates that are later used in policy maps where QoS mechanisms are bound to classes. Routers can be configured with a large number of class maps (currently limited to 256). Each traffic policy, however, may support a limited number of classes (for example: Class-based Weighted Fair Queuing and Class-based Low-latency Queuing are limited to 64 classes). The figure illustrates an implementation where traffic is classified into N classes. Each class is handled by one or more QoS mechanisms (for example, Class-based Weighted Fair Queuing, Class-based Low-latency Queuing, Class-based Policing). 8-6 IP QoS—Modular QoS CLI Classification Copyright  2001, Cisco Systems, Inc. © 2001, Cisco Systems, Inc. IP QoS - Modular QoS CLI Classification -7 Class Maps Class Maps • Each class is identified using a Class Map • Each Class Map is identified by a case- sensitive name • Class maps can operate in two modes – Match All – all conditions have to succeed – Match Any – at least one condition must succeed • The default mode is Match all A class map is created using the class-map global configuration command. Class maps are identified by case-sensitive names. Each class map contains one or more conditions that determine if the packet belongs to the class. There are two ways of processing conditions when there is more than one condition in a class map: n Match all—all conditions have to be met to bind a packet to the class n Match any—at least one condition has to be met to bind the packet to the class The default match strategy of class maps is “Match all”. Copyright  2001, Cisco Systems, Inc. IP QoS—Modular QoS CLI Classification 8-7 © 2001, Cisco Systems, Inc. IP QoS - Modular QoS CLI Classification -8 Classification using Class Maps Classification using Class Maps Match Mode? Match all conditions? Match at least one condition? No Yes No Match Match Class Map name Yes No Match all Match any The figure illustrates the full process of determining if a packet belongs to a class (match) or not (no match). The process goes through the list of conditions and: n Returns a “match” result if one of the conditions is met and the match-any strategy is used n Returns a “match” result if all conditions are met and the match-all strategy is used n Otherwise it returns “no match” 8-8 IP QoS—Modular QoS CLI Classification Copyright  2001, Cisco Systems, Inc. © 2001, Cisco Systems, Inc. IP QoS - Modular QoS CLI Classification-9 Classification Using Match All Strategy Classification Using Match All Strategy • Match-all requires all conditions to return a positive answer • If one condition is not met the class map will return a “no match” result Match Condition? No Match Match More Conditions? Yes No Class Map name No Yes The figure illustrates a simplified flowchart for the match-all strategy. The processing of a match-all class map can be divided into the following steps: Step 1 Evaluate a condition Step 2 Return a “no match” result and stop processing the class map if the condition is not met Step 3 Go to Step 1 if there are more conditions Step 4 Returns a “match” result Copyright  2001, Cisco Systems, Inc. IP QoS—Modular QoS CLI Classification 8-9 © 2001, Cisco Systems, Inc. IP QoS - Modular QoS CLI Classification-10 Classification Using Match Any Strategy Classification Using Match Any Strategy • Match-any requires at least one condition to return a positive answer • If no condition is met the class map will return a “no match” result Match Condition? No Match Match Class Map name No Yes More Conditions? Yes No The figure illustrates a simplified flowchart for the match-any strategy. The processing of a match-all class map can be divided into the following steps: Step 1 Evaluate a condition Step 2 Return a “match” result and stop processing the class map if the condition is met Step 3 Go to Step 1 if there are more conditions Step 4 Return a “no match” result 8-10 IP QoS—Modular QoS CLI Classification Copyright  2001, Cisco Systems, Inc. © 2001, Cisco Systems, Inc. IP QoS - Modular QoS CLI Classification-11 Classification Options Classification Options The main classification options include the following: • Access list (all access lists are available) • IP Precedence value • IP DSCP value • QoS group number • MPLS experimental bits • Protocol (including NBAR) Class maps can classify packets by using the following classification tools: n Access lists for any protocol can be used within the class-map configuration mode. The Modular QoS CLI can be used for other protocols, not only IP. n IP packets can be classified directly by specifying IP precedence values. n IP packets can also be classified directly by specifying IP DSCP (differentiated services code point) values. DiffServ enabled networks can have up to 64 classes if DSCP is used to mark packets. n A QoS group parameter can be used to classify packets in situations where up to 100 classes are needed or the QoS group parameter is used as an intermediary marker (for example, MPLS to QoS group translation on input and QoS group to class translation on output). n Packets can also be matched based on the value in the experimental bits of the MPLS header of labeled packets. n Classification can be performed by identifying a Layer-3 or Layer-4 protocol. Advanced classification is also available by using the Network-based Application Recognition (NBAR) tool where dynamic protocols are identified by inspecting higher-layer information. [...]... CB-Marking, CBPolicing, QPPB) class-map QoS1 class-map QoS1 match qos- group 1 match qos- group ! ! class-map QoS2 class-map QoS2 match qos- group 2 match qos- group ! ! © 2001, Cisco Systems, Inc IP QoS - Modular QoS CLI Classification-26 A QoS group is another marker with support for a large number of classes Up to 100 classes can be configured by using the QoS group parameter The main drawback of QoS- group... Inc IP QoS Modular QoS CLI Classification 8-2 9 Configuring Classification Using Special Options class-map Well-known-services class-map Well-known-services match access-group 100 match access-group ! ! Class-map Unknown-services Class-map Unknown-services match not class-map Well-known-services match not class-map ! ! Class-map All-services Class-map All-services match any match any ! ! access-list... all references to it Copyright © 2001, Cisco Systems, Inc IP QoS Modular QoS CLI Classification 8-1 3 Class Map Example class-map match-any class-map match-any match access-group match access-group match access-group match access-group class-map match-all class-map match-all match access-group match access-group match access-group match access-group Test1 Test1 101 102 Test2 Test2 101 102 • This example... Inc IP QoS Modular QoS CLI Classification 8-2 3 Configuring Classification Using QoS Group router(config-cmap)# match ip qos- group qos- group qos- group qos- group • Select the QoS group identifying the class • Allowed values are from 0 to 99 • All packets marked with the QoS group value are matched by this class map • The QoS group is a prameter local to the router; it has to be set by some other QoS. .. the selected IP precedence values are matched by this class map IP Precedence Value 0 1 2 3 4 5 6 7 © 2001, Cisco Systems, Inc IP Precedence Name routine priority immediate flash flash-override critical internet network class-map class-map match ip match ip ! ! class-map class-map match ip match ip ! ! class-map class-map match ip match ip ! ! class-map class-map match ip match ip ! ! VoIP precedence... implementation of a similar design Copyright © 2001, Cisco Systems, Inc IP QoS Modular QoS CLI Classification 8-2 1 Configuring Classification Using DSCP class-map class-map match ip ! ! class-map class-map match ip match ip ! ! class-map class-map match ip match ip ! ! class-map class-map match ip ! ! class-map class-map match ip ip ! ! Voice Voice dscp ef Gold Gold dscp af11 af12 af13 cs3 cs4 dscp af11 af12... FastEthernet1/1 ! ! class-map match -any Serials class-map match-any Serials match input-interface Serial2/0 match input-interface Serial2/0 match input-interface Serial2/1 match input-interface Serial2/1 match input-interface Serial2/2 match input-interface Serial2/2 match input-interface Serial2/3 match input-interface Serial2/3 ! ! © 2001, Cisco Systems, Inc IP QoS - Modular QoS CLI Classification-28 A packet... interfaces using 802.1Q or ISL encapsulation class-map Strict-priority class-map Strict-priority match cos 5 match cos ! ! class-map High-priority class-map High-priority match cos 4 6 7 match cos 4 ! ! class-map Low-priority class-map Low-priority match cos 0 1 2 3 match cos 0 1 ! ! © 2001, Cisco Systems, Inc IP QoS - Modular QoS CLI Classification-30 Routers can also match on the three Class of Service... Inc IP QoS - Modular QoS CLI Classification-16 n The show class-map command lists all class maps with their match statements n The show class-map command with a name of a class map displays the configuration of the selected class map Copyright © 2001, Cisco Systems, Inc IP QoS Modular QoS CLI Classification 8-1 5 Summary The Modular QoS CLI (MQC) is used to separate the classification from the QoS service... router# show class-map [class-map] • Lists all class-maps or the selected class-map Router#show class-map Router#show class-map Class Map match-all Test2 (id 0) Class Map match-all Test2 (id 0) Match access-group 101 access-group 101 Match access-group 102 access-group 102 Class Map match-any Test1 (id 1) Class Map match-any Match access-group 101 access-group 101 Match access-group 102 access-group 102 Router# . Inc. IP QoS Modular QoS CLI Classification 8-3 © 2001, Cisco Systems, Inc. IP QoS - Modular QoS CLI Classification -5 Modular QoS CLI Modular QoS CLI • The Modular QoS CLI (MQC) provides a modular. element of the Modular QoS CLI. Copyright  2001, Cisco Systems, Inc. IP QoS Modular QoS CLI Classification 8-5 © 2001, Cisco Systems, Inc. IP QoS - Modular QoS CLI Classification -6 Separation. inspecting higher-layer information. Copyright  2001, Cisco Systems, Inc. IP QoS Modular QoS CLI Classification 8-1 1 © 2001, Cisco Systems, Inc. IP QoS - Modular QoS CLI Classification-12 Other